🔶 terraform-aws-vulne-soldier

This Terraform module consists of the configuration for automating the remediation of AWS EC2 vulnerabilities using AWS Inspector findings.

https://github.com/iKnowJavaScript/terraform-aws-vulne-soldier

#aws #tools

🔶 whoAMI: A cloud image name confusion attack

Post detailing the discovery and impact of the whoAMI cloud image name confusion attack, which could allow attackers to execute code within AWS accounts due to a vulnerable pattern in AMI retrieval.

https://securitylabs.datadoghq.com/articles/whoami-a-cloud-image-name-confusion-attack/

#aws

🔶 AWS Tightens the Reins: New AWS SaaS Marketplace Rules Will Impact Your Commitments

AWS has announced new rules for its SaaS Marketplace that will significantly affect how customers meet their spend commitments.

https://www.duckbillgroup.com/blog/new-aws-marketplace-rules/

#aws

🔶 Announcing ASCP integration with Pod Identity: Enhanced security for secrets management in Amazon EKS

The integration of ASCP with Pod Identity marks a significant step forward in secrets management for Amazon EKS. It offers enhanced security, simplified configuration, and improved operations.

https://aws.amazon.com/ru/blogs/security/announcing-ascp-integration-with-pod-identity-enhanced-security-for-secrets-management-in-amazon-eks/

(Use VPN to open from Russia)

#aws

🔴 jit-groups

JIT Groups is an open source application that lets you implement secure, self-service access management for Google Cloud using groups.

https://github.com/GoogleCloudPlatform/jit-groups

#gcp

🔶 The Cat Flap - How to really Purrsist in AWS Accounts

A playful guide to creating covert backdoors in AWS accounts, specifically using the AWSControlTowerExecution role.

https://rootcat.de/blog/thecatflap/

#aws

🔶 Abusing AWS Serverless Image Handler

The AWS solution "Dynamic Image Transformation for Amazon CloudFront", previously known as "AWS Serverless Image Handler", contains a configuration weakness where the role associated with the Lambda does not constrain which buckets can be accessed. The environment variable can be set to a wildcard allowing access to any bucket.

https://www.o3c.no/knowledge/abusing-aws-serverless-image-handler

#aws

🔶 Emulating AWS S3 SSE-C Ransom for Threat Detection

Article exploring how threat actors leverage Amazon S3's Server-Side Encryption with Customer-Provided Keys (SSE-C) for ransom/extortion operations.

https://www.elastic.co/security-labs/emulating-aws-s3-sse-c

#aws

🔶 The Risk You Can't Afford to Ignore: AWS SES and Email Spoofing

This article discusses AWS SES email spoofing vulnerabilities, potentially enabling phishing attacks.

https://badshah.io/aws-ses-and-email-spoofing/

#aws

🔴 Finding Malware: Detecting Fake Browser Updates Attacks with Google Security Operations

This post dive into Fake Browser Update Attacks, the payloads they deliver, and detection opportunities within the Google SecOps platform.

https://www.googlecloudcommunity.com/gc/Community-Blog/Finding-Malware-Detecting-Fake-Browser-Updates-Attacks-with/ba-p/876307

#gcp

🔴 Inter-VPC connectivity architecture patterns in Cross-Cloud Network

How to use Cross-Cloud Network to design inter-network communication architectures with Network Connectivity Center or VPC peering.

https://cloud.google.com/blog/products/networking/inter-network-communication-design-with-ncc-vpc-peering/

#gcp

🔶 Connect your on-premises Kubernetes cluster to AWS APIs using IAM Roles Anywhere

IAM Roles Anywhere enables workloads outside of AWS to access AWS resources by exchanging X.509 bound identities for temporary AWS credentials.

https://aws.amazon.com/ru/blogs/security/connect-your-on-premises-kubernetes-cluster-to-aws-apis-using-iam-roles-anywhere/

(Use VPN to open from Russia)

#aws

🔶 From log analysis to rule creation: How AWS Network Firewall automates domain-based security for outbound traffic

Post guiding you through the implementation of the AWS Network Firewall automated domain list feature, providing a detailed overview, step-by-step instructions, and best practices to optimize your network security.

https://aws.amazon.com/ru/blogs/security/from-log-analysis-to-rule-creation-how-aws-network-firewall-automates-domain-based-security-for-outbound-traffic/

(Use VPN to open from Russia)

#aws

🔶 Evaluating AWS Native Approaches for Detecting Suspicious API Calls

Three primary approaches: 1) EventBridge → SNS → Email, 2) CloudTrail → S3 → Lambda → SNS → Email, and 3) CloudTrail → CloudWatch → MetricFilter → MetricAlert → SNS → Email.

https://medium.com/@adan.alvarez/diy-evaluating-aws-native-approaches-for-detecting-suspicious-api-calls-c6e05de97a49

(Use VPN to open from Russia)

#aws

🔴 Introducing AI Protection: Security for the AI era

Google Cloud's new AI Protection safeguards AI workloads and data across clouds and models, no matter the platform.

https://cloud.google.com/blog/products/identity-security/introducing-ai-protection-security-for-the-ai-era/

#gcp

🔴 gcp-landing-zone

This repository contains the Terraform code necessary to set up a Landing Zone using the Google Cloud Platform (GCP).

https://github.com/ollionorg/gcp-landing-zone

#gcp